Cybersecurity Glossary

Today’s attackers are taking advantage of changing business dynamics to target people everywhere they work. Staying current on the latest attack vectors and threats is an essential part of securing the enterprise against breaches and compromised data.

  • A

    Advanced Persistent Threat (APT)

    A prolonged and targeted cyberattack in which an intruder gains access to a network and remains undetected for an extended period.
  • Adware

    Adware is unwanted software that automatically displays or downloads advertisements, most often within a web browser and often without the user's consent, to generate revenue for its developer.
  • B

    Botnet

    A network of private computers infected with malicious software and controlled as a group without the owners' knowledge, e.g., to send spam messages.
  • Brute Force Attack

    A brute force attack is a trial-and-error method used by hackers to guess passwords, encryption keys, or login credentials by systematically trying all possible combinations until the correct one is found.
  • C

    Chain of Custody

    Documentation that shows how evidence has been collected, analysed, and preserved to be presented in court.
  • Cross-Site Scripting (XSS)

    Cross-Site Scripting (XSS) is a security vulnerability that allows attackers to inject malicious scripts into webpages viewed by other users, potentially leading to data theft, session hijacking, or unauthorised actions on behalf of the user.
  • Cryptocurrency Mining Malware

    Malware that uses a computer's resources to mine cryptocurrency without the user's consent.
  • Cryptojacking

    Cryptojacking is a type of cyberattack in which hackers secretly use a victim's computing resources to mine cryptocurrency, often without the user's knowledge or consent, leading to degraded system performance and increased electricity costs.
  • Cyber Espionage

    The act or practice of obtaining secrets without the permission of the holder of the information (personal, sensitive, proprietary or classified).
  • D

    Data Breach

    A data breach is a security incident where sensitive, confidential, or protected information is accessed, disclosed, or stolen by unauthorised individuals.
  • Data Exfiltration

    Unauthorised transfer of data from a computer or other device.
  • DDoS Attack (Distributed Denial of Service)

    An attempt to make an online service unavailable by overwhelming it with traffic from multiple sources.
  • Deepfake

    Synthetic media in which a person's likeness has been algorithmically replaced with another's likeness.
  • Denial-of-Service (DoS) Attack

    An interruption in an authorized user's access to a computer network, typically one caused with malicious intent.
  • Digital Forensics

    The process of uncovering and interpreting electronic data for use in a court of law.
  • E

    Eavesdropping Attack

    An eavesdropping attack is a cyberattack where an unauthorised party intercepts and listens to private communications over a network, often to steal sensitive information.
  • Encryption

    The process of converting information or data into a code, especially to prevent unauthorised access.
  • Endpoint Detection and Response (EDR)

    Cybersecurity technology that continually monitors and responds to mitigate cyber threats on endpoints.
  • F

    Firewall

    A network security device that monitors and filters incoming and outgoing network traffic based on an organization’s previously established security policies.
  • G

    Grayware

    Unwanted applications or files that are not classified as malware but can worsen the performance of computers and may cause security risks.
  • H

    Hacking

    Hacking is the act of exploiting vulnerabilities in computer systems or networks to gain unauthorised access, typically for malicious purposes such as stealing data or causing disruption.
  • Hoax

    A hoax is a deliberate false warning about a virus or other malware, or misleading information about a security threat, intended to cause unnecessary fear or disruption.
  • Honeypot

    A security mechanism set to detect, deflect, or study attempts at unauthorised use of information systems.
  • I

    Identity and Access Management (IAM)

    Frameworks for business processes that facilitate the management of electronic identities.
  • Incident Response Plan (IRP)

    A set of procedures to detect, respond to, and recover from network security incidents.
  • Insider Threat

    A threat to an organisation that comes from employees, former employees, contractors, or business associates who have inside information concerning the organisation's security practices.
  • Intrusion Detection System (IDS)

    A device or software application that monitors network or system activities for malicious activities or policy violations.
  • IP Spoofing

    A technique used to gain unauthorized access to computers, whereby the intruder sends messages to a computer with an IP address indicating that the message is coming from a trusted host.
  • J

    Jailbreaking

    Jailbreaking is the process of removing software restrictions on a device, typically a smartphone, to gain unauthorised access to its full functionality.
  • K

    Keylogger

    A type of surveillance technology used to monitor and record each keystroke typed on a specific computer's keyboard.
  • L

    Logic Bomb

    A piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.
  • M

    Malware

    Malware is malicious software designed to harm, exploit, or otherwise compromise a computer system, network, or device.
  • Man-in-the-Middle (MitM) Attack

    An attack where the attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other.
  • Multi-factor Authentication (MFA)

    A method of computer access control in which a user is only granted access after successfully presenting several separate pieces of evidence.
  • N

    Network Sniffing

    Network sniffing is the process of monitoring and capturing data packets traveling across a network to analyse and potentially exploit the information.
  • O

    Open Source Intelligence (OSINT)

    Open Source Intelligence (OSINT) is the collection and analysis of publicly available information to gather actionable insights for security and intelligence purposes.
  • P

    Patch Management

    The process of distributing and applying updates to software to ensure it is up to date and secure.
  • Penetration Testing

    A simulated cyber attack against your computer system to check for exploitable vulnerabilities.
  • Pharming

    Pharming is a cyber attack where users are redirected to fraudulent websites to steal sensitive information, typically through DNS poisoning.
  • Phishing

    The attempt to acquire sensitive information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication.
  • Privilege Escalation

    A situation where an attacker with some level of restricted access is able to, without authorization, elevate their privileges or access level.
  • Public Key Infrastructure (PKI)

    A set of roles, policies, hardware, software, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates and manage public-key encryption.
  • Q

    Quick Response (QR) Code Tampering

    Quick Response (QR) Code Tampering involves altering a QR code to redirect users to malicious websites or execute harmful actions when scanned.
  • R

    Ransomware

    Ransomware is a type of malicious software that encrypts a victim's data, demanding a ransom payment to restore access.
  • Rootkit

    A set of software tools that enable an unauthorized user to gain control of a computer system without being detected.
  • S

    Secure Sockets Layer (SSL)

    A standard security technology for establishing an encrypted link between a server and a client.
  • SIEM (Security Information and Event Management)

    Software solutions that provide real-time analysis of security alerts generated by applications and network hardware.
  • Social Engineering

    The use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes.
  • Spear Phishing

    A phishing attempt in the form of an email targeted at a specific individual or department within an organization that appears to be from a trusted source.
  • Spoofing

    Faking the sending address of a transmission to gain unauthorised entry into a secure system.
  • SQL Injection

    A type of security exploit in which the attacker adds Structured Query Language (SQL) code to a web form input box to gain access to resources or make changes to data.
  • T

    Threat Intelligence

    Information used to understand the threats that have targeted, will target, or are currently targeting the organisation.
  • Tokenization

    The process of substituting a sensitive data element with a non-sensitive equivalent, referred to as a token, that has no extrinsic or exploitable meaning or value.
  • Trojan Horse

    Any malicious computer program that misleads users about its true intent.
  • Two-Factor Authentication (2FA)

    A security process in which users provide two distinct forms of identification to access their account.
  • U

    URL Injection

    A type of attack where the attacker creates new pages on the target site filled with spammy words or malicious scripts.
  • V

    Virus

    A type of malicious software program that, when executed, replicates itself by modifying other computer programs and inserting its own code.
  • Vishing

    The fraudulent practice of making phone calls or leaving voice messages purporting to be from reputable companies to induce individuals to reveal personal information, such as bank details and credit card numbers.
  • VPN (Virtual Private Network)

    Extends a private network across a public network, enabling users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network.
  • Vulnerability Assessment

    The process of identifying, quantifying, and prioritising (or ranking) the vulnerabilities in a system.
  • W

    Wardriving

    The act of searching for Wi-Fi wireless networks by a person in a moving vehicle, using a laptop or smartphone.
  • Whaling

    Whaling is a targeted phishing attack that focuses on high-profile executives and other high-profile targets to steal sensitive information or gain unauthorised access to systems.
  • Whitelisting

    Whitelisting is a cybersecurity practice that involves creating a list of approved entities, such as IP addresses, applications, or email addresses, that are allowed access to a system or network. Essentially, it is a security process that allows only pre-approved software to run on a system.
  • Z

    Zero-Day Attack

    An attack that exploits a potentially serious software security weakness that the vendor or developer may be unaware of.